CN114363362A - Data processing method, device, server and readable storage medium - Google Patents

Data processing method, device, server and readable storage medium Download PDF

Info

Publication number
CN114363362A
CN114363362A CN202111423072.3A CN202111423072A CN114363362A CN 114363362 A CN114363362 A CN 114363362A CN 202111423072 A CN202111423072 A CN 202111423072A CN 114363362 A CN114363362 A CN 114363362A
Authority
CN
China
Prior art keywords
edge
data
key
data storage
server
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111423072.3A
Other languages
Chinese (zh)
Inventor
刘涛
孙文龙
伍少成
李伟华
温忠
李瑾
陆月明
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Power Supply Bureau Co Ltd
Original Assignee
Shenzhen Power Supply Bureau Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Power Supply Bureau Co Ltd filed Critical Shenzhen Power Supply Bureau Co Ltd
Priority to CN202111423072.3A priority Critical patent/CN114363362A/en
Publication of CN114363362A publication Critical patent/CN114363362A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1097Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1095Replication or mirroring of data, e.g. scheduling or transport for data synchronisation between network nodes

Abstract

The application relates to a data processing method, a data processing device, a server and a storage medium. The method comprises the following steps: the method comprises the steps of constructing a distributed data storage system based on edge computing, constructing an access control strategy based on edge data of a block chain through the distributed data storage system, constructing an edge key data storage alliance chain system, and storing the edge key data, an edge data request and the access control strategy to the edge key data storage alliance chain system. By adopting the method, the safety of the storage and the access of the edge data can be improved.

Description

Data processing method, device, server and readable storage medium
Technical Field
The present application relates to the field of communications technologies, and in particular, to a data processing method, an apparatus, a server, and a readable storage medium.
Background
With the gradual maturity of technologies such as internet of things, intelligent equipment and 5G, the requirements of collection, circulation, processing, sharing and the like of edge data between heterogeneous entities are met, and meanwhile, a data management method is required to be provided to ensure the privacy and safety of the edge data.
In the conventional technology, a large amount of edge data is uploaded to a cloud for storage and data synchronization is realized. However, the conventional method results in poor security of the edge data.
Disclosure of Invention
In view of the foregoing, it is desirable to provide a data processing method, apparatus, server and readable storage medium.
A method of data processing, the method comprising:
constructing a distributed data storage system based on edge calculation;
constructing an access control strategy based on the edge data of the block chain through a distributed data storage system;
constructing an edge key data storage alliance chain system;
and storing the edge key data, the edge data request and the access control strategy to the edge key data storage alliance chain system.
In one embodiment, the building, by the distributed data storage system, an access control policy based on edge data of a block chain includes:
and constructing an attribute-based encrypted data access control strategy of a multi-authorization center and an attribute-based encrypted inter-domain authentication strategy based on a block chain.
In one embodiment, the constructing an attribute-based encrypted data access control policy for multiple rights issuer comprises:
determining a private key of the block chain node through attribute information of an edge server;
constructing an access structure tree of the edge data;
encrypting the edge data through the access structure tree to obtain an encrypted ciphertext;
executing a confirmation key algorithm through the access structure tree, the private key and the encrypted ciphertext to obtain a confirmation key of the encrypted ciphertext;
and decrypting the encrypted ciphertext through the confirmation key to obtain the edge data.
In one embodiment, the determining, by the attribute information of the edge server, the private key of the blockchain node includes:
initializing the attribute information of the edge server to obtain a master key and a public key of a block chain node;
acquiring a block chain link point registration request, and verifying the legal state of a block chain node through a master key and a public key of the block chain node;
and if the blockchain node is in a legal state, determining a private key of the blockchain node through the attribute information of the edge server, the master key and the public key of the blockchain node.
In one embodiment, the edge data request comprises an inter-domain edge data request; the storing the edge key data, the edge data request and the access control policy to the edge key data storage federation chain system includes:
storing the edge key data to an intra-domain edge key data storage chain in the edge key data storage alliance chain system;
and storing the inter-domain edge data request and the access control strategy to an inter-domain data access storage chain in the edge key data storage alliance chain system.
In one embodiment, the building of the distributed data storage system based on edge computing includes:
building a distributed network through an edge server;
the distributed data storage system is constructed over a distributed network.
In one embodiment, the method further comprises:
encrypting the edge data through the access structure tree to obtain an encrypted ciphertext;
executing a confirmation key algorithm through the access structure tree and the encrypted ciphertext to obtain a confirmation key of the encrypted ciphertext;
and decrypting the encrypted ciphertext through the confirmation key to obtain the edge data.
In one embodiment, the method further comprises:
and storing the node state information of the distributed network to the distributed data storage system.
A data processing apparatus, the apparatus comprising:
the storage system construction module is used for constructing a distributed data storage system based on edge calculation;
the control strategy construction module is used for constructing an access control strategy based on the edge data of the block chain through the distributed data storage system;
the alliance chain system building module is used for building an edge key data storage alliance chain system;
and the storage module is used for storing the edge key data, the edge data request and the access control strategy to the edge key data storage alliance chain system.
A server comprising a memory and a processor, the memory storing a computer program that when executed by the processor performs the steps of:
constructing a distributed data storage system based on edge calculation;
constructing an access control strategy based on the edge data of the block chain through a distributed data storage system;
constructing an edge key data storage alliance chain system;
and storing the edge key data, the edge data request and the access control strategy to the edge key data storage alliance chain system.
A readable storage medium having stored thereon a computer program which, when executed by a processor, performs the steps of:
constructing a distributed data storage system based on edge calculation;
constructing an access control strategy based on the edge data of the block chain through a distributed data storage system;
constructing an edge key data storage alliance chain system;
and storing the edge key data, the edge data request and the access control strategy to the edge key data storage alliance chain system.
According to the data processing method, the data processing device, the server and the storage medium, the server can construct a distributed data storage system based on edge calculation, construct an access control strategy of edge data based on a block chain through the distributed data storage system, construct an edge key data storage alliance chain system, and store the edge key data, an edge data request and the access control strategy to the edge key data storage alliance chain system; according to the method, the edge data are stored by constructing the distributed data storage system, redundant backup and efficient synchronization of the edge data can be realized, the problems of single-point failure, distributed denial of service and the like in centralized storage are solved, controlled circulation of the edge data can be realized by constructing an access control strategy, the edge data leakage risk is reduced, the fine-grained access requirement of the edge data is met, in addition, the edge key data, the edge data request and the access control strategy are stored in an edge key data storage alliance chain system, consistency verification and diffusion track tracing of shared edge data can be realized, and the reliable sharing of the edge data is ensured; the method can improve the safety of the storage and the access of the edge data.
Drawings
FIG. 1 is a diagram of the internal structure of a server in one embodiment;
FIG. 2 is a flow diagram illustrating a data processing method according to one embodiment;
FIG. 3 is a flow diagram that illustrates a method for constructing an attribute-based encrypted data access control policy for multiple hubs, according to one embodiment;
FIG. 4 is a flowchart illustrating a method for determining a private key of a blockchain node according to another embodiment;
FIG. 5 is a flowchart illustrating a method for storing edge critical data, edge data requests, and access control policies to an edge critical data storage federation chain system, in accordance with another embodiment;
FIG. 6 is a schematic flow chart illustrating a method for constructing a distributed data storage system based on edge computing in accordance with another embodiment;
FIG. 7 is a block diagram of a data processing apparatus according to an embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the present application and are not intended to limit the present application.
The data processing method provided by the application can be applied to the server shown in fig. 1. As shown in fig. 1, the server includes a processor, a memory, a network interface, a display screen, and an input device connected by a system bus. Wherein the processor of the server is configured to provide computing and control capabilities. The memory of the server comprises a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of an operating system and computer programs in the non-volatile storage medium. The database of the server is used to store pipelines and attribute information of the pipelines. The network interface of the server is used for communicating with an external endpoint through a network connection. The computer program is executed by a processor to implement a data processing method.
Those skilled in the art will appreciate that the architecture shown in fig. 1 is a block diagram of only a portion of the architecture associated with the subject application, and does not constitute a limitation on the servers to which the subject application applies, as a particular server may include more or less components than those shown, or may combine certain components, or have a different arrangement of components.
In one embodiment, as shown in fig. 2, a data processing method is provided, which is described by taking the application of the method to the server in fig. 1 as an example, and includes the following steps:
and S100, constructing a distributed data storage system based on edge calculation.
Specifically, some network edge devices exist in an edge network, and the network edge devices may involve edge calculation, so that the network edge devices acquire edge data of the edge calculation. The network edge devices may be edge routers, routing switches, firewalls, multiplexers and/or other wide area network devices, and the like. After the network edge device obtains the edge data, the edge data can be encrypted and signed, and then the encrypted and signed data are stored in at least two edge servers at the same time.
It should be noted that the server may construct the distributed data storage system based on the edge computing based on the memories in one or more edge servers. A distributed data storage system may be understood as a distributed data storage structure. In this embodiment, the server and the edge server belong to different servers.
S200, an access control strategy based on the edge data of the block chain is constructed through the distributed data storage system.
Specifically, the access control policy may be understood as an access control manner based on a block chain, which is established for a visitor accessing each edge data stored in the distributed data storage system. Meanwhile, the access control policy may also be an encryption and decryption method for edge data supporting cross-domain access.
It should be noted that the blockchain may be a distributed ledger shared by multiple parties. The block chain can realize the non-tamper property of transaction data and historical records through a mathematical method, and realize the common confirmation and the account book record of each participant to the transaction through a consensus algorithm and an intelligent contract. Block chains can be divided into three basic types, public chains, alliance chains and private chains. The above transaction may be understood as data received by the blockchain. The consensus algorithm can be an algorithm for ensuring data consistency of a distributed system, and can ensure that a plurality of participants of the distributed system achieve data consistency through certain protocol interaction, wherein common algorithms comprise PBFT, RAFT, POW, POS and the like.
And S300, constructing an edge key data storage alliance chain system.
Specifically, the edge key data may be obtained by performing key data extraction on the edge data. The edge key data storage alliance chain system can be composed of various network edge devices in a device layer, an internet of things gateway, an edge server, a block chain system and distributed application, and can be called as an edge key data storage alliance chain structure.
S400, storing the edge key data, the edge data request and the access control strategy to an edge key data storage alliance chain system.
Specifically, the edge data request may be understood as an edge data access request. In this embodiment, the server may store the edge key data, the edge data request, and the access control policy in the edge key data storage federation chain system according to a preset storage order and a preset storage manner. The storage order may be a priority storage order between the edge key data, the edge data request and the access control policy, or a synchronous storage order, and the like, and the storage manner may be that the edge key data, the edge data request and the access control policy are stored in a form of a table, or the edge key data, the edge data request and the access control policy are stored in a form of a document, and the like.
The data processing method can construct a distributed data storage system based on edge calculation, construct an access control strategy of edge data based on a block chain through the distributed data storage system, construct an edge key data storage alliance chain system, and store the edge key data, an edge data request and the access control strategy to the edge key data storage alliance chain system; according to the method, the edge data are stored by constructing a distributed data storage system, redundant backup and efficient synchronization of the edge data can be realized, the problems of single-point failure, distributed denial of service and the like in centralized storage are solved, controlled circulation of the edge data can be realized by constructing an access control strategy, the edge data leakage risk is reduced, the fine-grained access requirement of the edge data is met, in addition, the edge key data, the edge data request and the access control strategy are stored in an edge key data storage alliance chain system, consistency verification and diffusion track tracing of shared edge data can be realized, and the reliable sharing of the edge data is ensured; the method can improve the safety of the storage and the access of the edge data.
In one embodiment, the step of constructing the access control policy based on the edge data of the block chain through the distributed data storage system in S200 may include: and constructing an attribute-based encrypted data access control strategy of a multi-authorization center and an attribute-based encrypted inter-domain authentication strategy based on a block chain.
Specifically, the authorization center may be a management center of a plurality of edge servers. The presence of multiple edge servers in a distributed network may allow for security management, data management, etc. through multiple authorization centers.
It should be noted that, a root certificate authority RCA is used as an authority, and a root certificate authority DCA of each domain trust anchor is used as an authentication server node to form an authentication certificate block chain network, in order to implement cross-domain authentication, the DCA nodes of trust anchor roots of multiple domains are permitted and then added into a federation chain, and used as verification nodes of the federation chain, and perform operations such as data reading and writing, query, and the like.
Taking A domain and B domain as cross-domain authentication as an example, constructing an inter-domain authentication strategy facing attribute-based encryption, wherein the strategy can be composed of a user, a Domain Certificate Authority (DCA) server and a Root Certificate Authority (RCA) server; both the root certificate authority RCA server and the domain certificate authority DCA server can be used as blockchain nodes to respectively execute tasks of generating a certificate and recording the certificate into a blockchain and inquiring a blockchain verification certificate. The construction process of the attribute-based encryption inter-domain authentication strategy based on the block chain comprises the following steps:
(1)UA→DCAB: a domain user UARequesting access to B domain authenticationCertificate server DCAB
(2)DCAB→UA:{N1}: b domain authentication server DCABReceiving A domain user UAAfter the request, the request is responded and the user U in the A domain is sent to the user U in the A domainATransmitting a random number N1
(3)
Figure BDA0003377212260000071
i) A domain user UA receives B domain authentication server DCABUsing the user UAAuthentication private key SKUAFor random number N1Signature generation
Figure BDA0003377212260000072
ii) A Domain user UAResponding to domain B authentication server DCABRequest of A domain user certificate
Figure BDA0003377212260000073
Signature
Figure BDA0003377212260000074
Random number N1Sending as a message to the B-Domain authentication Server DCAB
(4)DCAB→DCAA:{N2}:
i) B domain authentication server DCABUpon receipt of the message, the random number N is checked1Whether it is valid;
ii) by
Figure BDA0003377212260000075
And N1Authentication
Figure BDA0003377212260000076
Whether the certificate is correct or not, the certificate is analyzed, the validity period of the certificate is checked, and a domain A trust anchor DCA is determined through the certificate or a certificate chainA
iii) B Domain authentication Server DCABAuthenticating a server DCA to A DomainASending a request for applicationObtaining A-domain trust anchor DCAABlock chain certificate of
Figure BDA0003377212260000077
And transmits a random number N2
(5)
Figure BDA0003377212260000081
A domain certificate authentication server DCAAReceived request and random number N2The A domain trust anchor DCAABlock chain certificate of
Figure BDA0003377212260000082
Random number N2Sent as a message to the B domain authentication server DCAB
(6)
Figure BDA0003377212260000083
i) B domain authentication server DCABAfter receiving the message, the random number N is checked2Whether it is valid;
ii) analysis
Figure BDA0003377212260000084
Checking validity period, B domain authentication server DCABUse of
Figure BDA0003377212260000085
Querying the blockchain to obtain a result queried on the blockchain: (a) if the inquiry result does not exist, the A domain authentication server provides an incorrect trust anchor DCAAA blockchain certificate, authentication failure; (b) if the query result is issue and revoke, the A domain trust anchor DCA is indicatedAThe block chain certificate is in a revocation state, and the authentication fails; (c) if the query result only has the issue, the A domain trust anchor DCA is indicatedAThe block chain certificate is in an issued state, and the authentication is successful;
iv) after successful authentication, the B domain authentication server DCABGenerating a cross-domain blockchain certificate
Figure BDA0003377212260000086
And records the block chain and feeds back to the A domain server UAThereby realizing the authentication of the B domain service to the A domain server.
Meanwhile, the reverse authentication of the a-domain server to the B-domain server can be achieved by adopting the above (1) to (6). Based on the authentication mode, the bidirectional authentication of the server in the A domain and the server in the B domain can be realized so as to verify the validity of the certificate.
In addition, repeated authentication can be realized between the A domain server and the B domain server, and in the repeated authentication process, the A domain server UACan directly use the cross-domain block chain certificate
Figure BDA0003377212260000087
To the B domain authentication server DCABAuthentication server DCA by B domainBAnd inquiring the certification certificate alliance chain, and verifying the validity of the certificate.
The data processing method can construct an attribute-based encrypted data access control strategy of a plurality of authorization centers and an attribute-based encrypted inter-domain authentication strategy based on a block chain, thereby realizing the controlled circulation of the edge data, reducing the leakage risk of the edge data and meeting the fine-grained access requirement of the edge data.
As an embodiment, as shown in fig. 3, the step of constructing an attribute-based encrypted data access control policy of a multiple authorization center may specifically include:
s210, determining a private key of the block chain node through the attribute information of the edge server.
Specifically, the attribute information of the edge server may be an operation state, an IP address, an ID code, configuration information, and the like of the edge server. The server can perform operation processing on the attribute information of the edge server to obtain the private key of the block chain node. The operation may include a logarithmic operation, an exponential operation, an addition operation, a subtraction operation, a multiplication operation, and/or a division operation, among others.
As shown in fig. 4, the step of determining the private key of the blockchain node through the attribute information of the edge server in S210 may specifically include:
s211, initializing the attribute information of the edge server to obtain a master key and a public key of the block chain node.
Specifically, let the security parameter of the edge server be 1λA global attribute set constructed by attribute information of all edge servers in the distributed network is U, and a trusted Root Certificate Authority (RCA) authorization key distribution center in the distributed network generates a public key PK and a system master key MK, wherein the specific calculation process is as follows:
will secure parameter 1λAs input, a function is first run
Figure BDA0003377212260000093
Generating parameters (p, G)1,G2E), where the order of G1 is p, a bilinear group of element G is generated, and the bilinear map e is satisfied: g1×G1→G2Simultaneously, stacking and selecting alpha, beta epsilon to ZpP is a group of generator elements for identifying RCA or DCA, ZpThe generated master key MK may be (β, g)α) Generated public key
Figure BDA0003377212260000091
The RCA-issued certificate may be a public key for end-user data encryption.
S212, acquiring the registration request of the block chain link points, and verifying the legal state of the block chain nodes through the master key and the public key of the block chain nodes.
It should be noted that, in order to verify the legal status of the blockchain node, the server may first verify the validity of the visitor. Specifically, when the RCA receives a block link point registration request sent by a Domain Certificate Authority (DCA), the RCA may randomly select a unique Aid (Aid belongs to Z) for the DCAp) And generates a random number k for the DCAAid(kAid∈Zp) Computing the public key as the private key
Figure BDA0003377212260000092
At the same time, RCA can generate an inclusion for DCAPublic key PKAidCertificate of (Cert)AidAnd through SKRCASigned to prove the validity of the DCA user, Pair (Aid, PK)Aid,CertAid) Performing uplink processing, and sending the kAid to the DCA by using a secret channel; the above block link point registration request may be a DCA registration request, and may also be understood as a block link point user registration request.
Further, the validity of the organization is verified, and when the RCA receives a block chain link point registration request sent by the DCA, the RCA can randomly select the unique Uid belonging to the Z for identifying the DCA userpAnd global attribute set UUidAt the same time RCA can generate a certificate Cert for DCAUidAnd use SKRCASigning to prove the validity of the DCA user will (Uid, U)Uid,CertUid) Sent to DCA which will again (Uid, U)Uid,CertUid) Secret is sent to DCA user, DCA user parallel (Uid, U)Uid,CertUid) And performing uplink processing. The certificate issued by the DCA may be a public key for end user data encryption.
And S213, if the blockchain node is in a legal state, determining a private key of the blockchain node through the attribute information of the edge server, the master key and the public key of the blockchain node.
Specifically, when verifying that the blockchain node is in a legal state, the server may determine the private key of the blockchain node through the attribute information of the edge server, the master key and the public key of the blockchain node.
It should be noted that DCA may generate a private key SK for a blockchain node userUidAnd DCA uses public key PK, system master key MK and global attribute set U of block chain link pointUidAs input, a secret key SK of a block chain node is generated by executing a secret key generation algorithmUidThe specific calculation process of the private key can be represented by formula (1); wherein r ∈ Z is randomly selectedpSimultaneously selecting a random number r for each attribute in the global attribute setj∈Zp,j∈UUidH is UUid→G1Mapping the function of (2);
Figure BDA0003377212260000101
s220, constructing an access structure tree of the edge data.
In particular, the server may construct an access structure tree for visitors accessing each edge data stored in the distributed data storage system. Wherein, a plurality of tree nodes can be included in an access structure tree, and the server can randomly define a polynomial q for each tree node in the access structure treex(ii) a Order d of the polynomialxMay be a threshold value h of the corresponding tree nodexSubtracting 1, starting from the root tree node R of the access structure tree, searching, traversing and selecting according to breadth first, and randomly selecting s E to Z in the traversing processpAnd let q beR(0) D is randomly defined as sRRandom polynomial of order qRFor other non-root tree nodes x, let q bex(0)=qparent(x)(index (x)), d is randomly definedxRandom polynomial of order qxUntil all tree nodes in the access structure tree are completely defined. In this embodiment, the execution sequences of S210 and S220 may interact with each other.
And S230, encrypting the edge data by accessing the structure tree to obtain an encrypted ciphertext.
Specifically, the server may perform arithmetic operation on the edge data by accessing the structure tree to implement encryption, so as to obtain an encrypted ciphertext. The arithmetic operations may be addition, subtraction, multiplication, division, exponentiation, logarithm, etc., or may be a combination of these operations. However, in this embodiment, the encryption process may be implemented by using formula (2), specifically:
Figure BDA0003377212260000111
where M denotes edge data and CT denotes an encrypted ciphertext.
S240, executing a confirmation key algorithm by accessing the structure tree, the private key and the encrypted ciphertext to obtain a confirmation key of the encrypted ciphertext.
Specifically, the server may search, in the access structure tree of the edge data, whether the access attribute information of the visitor of the edge data exists, and if the access attribute information of the visitor of the edge data exists, may obtain the private key of the blockchain node, and execute a confirmation key algorithm according to the private key of the blockchain node and the encrypted ciphertext CT, to obtain the confirmation key CK of the encrypted ciphertext. The above-described validation key algorithm may perform arithmetic operations, which may be addition operations, subtraction operations, multiplication operations, division operations, exponential operations, logarithmic operations, and the like, as well as combinations thereof. However, in this embodiment, the specific process of executing the confirmation key algorithm can be expressed by formula (3):
Figure BDA0003377212260000112
in this embodiment, the above S210 may be performed just before the above S240.
And S250, decrypting the encrypted ciphertext through confirming the key to obtain edge data.
Specifically, when the visitor accesses the edge data, the server may obtain the encrypted ciphertext, and then decrypt the encrypted ciphertext by confirming the key to obtain the edge data. The decryption process may be implemented by arithmetic operations, such as addition, subtraction, multiplication, division, exponentiation, logarithm, etc., or combinations thereof. However, in this embodiment, the decryption process can be expressed by equation (4):
Figure BDA0003377212260000113
the data processing method can determine the private key of the block chain node through the attribute information of the edge server, construct an access structure tree of the edge data, encrypt the edge data through the access structure tree to obtain an encrypted ciphertext, execute a confirmation key algorithm through the access structure tree, the private key and the encrypted ciphertext to obtain a confirmation key of the encrypted ciphertext, and decrypt the encrypted ciphertext through the confirmation key to obtain the edge data; the method can encrypt the edge data, and can safely decrypt the encrypted ciphertext when a user accesses the edge data so as to ensure the privacy and the safe access of the edge data.
As one embodiment, the edge data request comprises an inter-domain edge data request; as shown in fig. 5, the step of storing the edge key data, the edge data request, and the access control policy in the edge key data storage federation chain system in S300 may include:
and S310, storing the edge key data into an intra-domain edge key data storage chain in the edge key data storage alliance chain system.
Specifically, the edge key data storage federation chain system may include two subsystems, which are an intra-domain edge key data storage chain and an inter-domain data access storage chain, respectively. The edge-critical data storage federation chain system can be composed of two double-chain systems which are isolated from each other and are associated with each other through block link points. The domain edge key data storage chain can be used for encrypting and storing information such as addresses and abstracts of domain edge data. The intra-domain edge key data storage chain can be understood as an intra-domain edge key data distributed ledger.
In this embodiment, edge data may be generated by each network edge device in the device layer, the network edge device may transmit the edge data to an edge server through an internet gateway, the edge server transmits and describes the edge data to an intra-domain edge key data storage chain through decentralized application, an edge key data storage federation chain system may invoke an intelligent contract, the intelligent contract performs a chaining operation after being standardized by key data, a consensus algorithm is jointly run through a storage chain node, the edge data is stored to the intra-domain edge key data storage chain through audit verification to form a data book structure, and secure and reliable storage of the edge data of the decentralized application is achieved. The intelligent contract can describe contract terms, transaction conditions, transaction business logic and the like in a computer language by one of the characteristics of the block chain technology, and the automatic execution of the transaction and the operation on the account data are realized by calling the intelligent contract.
In addition, in this embodiment, the query condition parameters may be set in an intelligent contract manner, so that edge data sharing among block link points and secure access at authorized block link points can be automatically performed.
During the process of storing the edge key data in the edge data into the intra-domain edge key data storage chain, the accuracy of the edge data to be stored can be judged, and the edge data to be stored can be standardized, so that the edge data can be reliably shared. Since the blockchain is a non-tamper-able data book storage structure, a standardization process must be performed before the edge data is uplinked, so as to reduce the edge data modification cost caused by the non-standardized edge data uplink storage. The process of the standardization processing may be described as using an intelligent contract to complete an integrity correctness assurance hash value obtained by storing the edge data file in the distributed edge data storage, an aggregated data key data description obtained by calculating the edge data, and a development language (such as json, Java, Js, and the like) format file defined for the description information of the edge data, so as to achieve the key data standardization of the important sensitive edge data. The edge privacy data availability is ensured on the premise of protecting the user privacy data by means of improving the granularity of the edge important sensitive data through data aggregation processing.
It can be understood that the acquisition device can acquire data acquired by the network edge device, and parse the data into edge data through the acquisition device master station server, then, the edge data description is added by the decentralized application and then an edge data uplink request is sent, the decentralized application transmits the submitted parameters and the function of requesting to be stored to a software development kit, the software development kit can call an uplink storage method in the encapsulated invoke interface, the interface mainly comprises the steps that a chain proposal stored by edge data is constructed firstly, the chain proposal in a software development kit is sent to each endorsement node for endorsement according to a preset endorsement strategy, each endorsement node can execute a standardized edge key data function in an invoke interface in an intelligent contract according to a request, and after the intelligent contract is executed, each endorsement node can generate a reading and writing set. After the software development kit obtains each read-write set, verifying each read-write set, and judging whether the contents in the read-write sets are consistent after the verification is successful; if the contents are inconsistent, the endorsement fails, the transaction cannot be continued, and if the contents are consistent, the chain deposit certificate is continued. The software development kit can send the uplink evidence storing request to the sequencing node by calling an intelligent contract method, and the sequencing node can sequence and package the transactions to generate blocks and then broadcast the blocks to each network node in the distributed network. The submitting node can verify the correctness of the transaction by using the intelligent contract, and sends the Event to the software development kit after the verification is completed, the software development kit can return the Event to the decentralized application for processing, and return the storage result of the edge key data uplink to the user terminal, and the user can obtain the execution result of the edge key data uplink storage.
And S320, storing the inter-domain edge data request and the access control strategy to an inter-domain data access storage chain in the edge key data storage alliance chain system.
Specifically, the inter-domain data access storage chain may be used to store information such as an inter-domain edge data request and an access control policy. Each edge node requesting inter-domain edge data access can realize inter-domain authentication of each other through an inter-domain authentication protocol and a verification authentication certificate alliance chain before two parties propose cross-domain edge data access requests so as to know all attribute sets and certificate structures of a data requesting party or organization; the cross-domain edge data request can be generated through network edge equipment or a private chain server node of an equipment layer and is transmitted to the edge cross-domain server node through an internet gateway, after identity authentication of two parties, the edge server encrypts key data on an edge data chain by using attributes, the key data are stored to an inter-domain data access storage chain through decentralized application, the inter-domain data access storage chain can call an intelligent contract to execute uplink operation, a consensus algorithm is jointly operated through the inter-domain data access storage chain node, a cross-domain access control strategy is stored to the inter-domain data access storage chain through audit verification to form a strategy account book structure, and safe and reliable storage and data traceability of the cross-domain access control strategy of the decentralized application are achieved.
It should be noted that the inter-domain data access storage chain may be understood as an inter-domain edge data access distributed ledger.
The data processing method can store the edge key data into an intra-domain edge key data storage chain in the edge key data storage alliance chain system, and store the inter-domain edge data request and the access control strategy into an inter-domain data access storage chain in the edge key data storage alliance chain system, so that consistency verification and diffusion track tracing of the edge data can be shared, and reliable sharing of the edge data is guaranteed.
As an embodiment, as shown in fig. 6, the step of constructing a distributed data storage system based on edge calculation in S100 may specifically include:
and S110, establishing a distributed network through the edge server.
In particular, the servers may form a distributed network with at least two edge servers that store encrypted and signed data. Each edge server may be referred to as a node of a distributed network. A plurality of organizations may be included in the distributed network, and each organization may include a plurality of nodes.
And S120, constructing a distributed data storage system through a distributed network.
It is understood that the server may construct a distributed data storage system based on a distributed storage and routing algorithm (i.e., Kademlia algorithm) through the memory of each edge server in the constructed distributed network. The server may assign randomly generated multi-byte node identity information to each edge server in the distributed network. In this embodiment, the node identity information may be 160 bytes, where the first 32 bytes are organization codes of an organization to which the node belongs in the distributed network, and the last 128 bytes are unique identification codes randomly generated in all organizations. Each edge server in the distributed data storage system can only store a part of edge data through the constructed data storage rule, not all the edge data to be stored, and the nodes in the same organization preferentially store backup, so that redundant backup and efficient synchronization of the edge data in the organization are realized.
The data processing method can construct a distributed data storage system based on edge calculation, so that edge data are stored in a local controllable insurance domain, nodes between domains are constructed to form a distributed storage structure, redundant backup and efficient synchronization of the data are realized, and the problems of single-point failure, distributed denial of service and the like in centralized storage are solved.
As one embodiment, the data processing method may further include: and storing the node state information of the distributed network to a distributed data storage system.
Specifically, after executing the above S100, the server may obtain the node status message of the distributed network, and store the node status message of the distributed network to the distributed data storage system.
It should be noted that the node status message of the distributed network may be understood as the status information of the edge server in the distributed network. The state information of the edge servers can be stored in each edge server through a K-bucket mechanism. The Kademlia algorithm described above may calculate the distance between nodes by an exclusive or operation. In a distributed data storage system based on edge computing, each edge server may have a 160-tier K-bucket mechanism table. For K-bucket i of each edge server, each edge server stores state information of K nodes which are at most a distance of [2i-1, 2i) from the edge server, wherein the state information can comprise ID, IP address and access port of the node; k is a system level constant that can be set dynamically according to the distributed data storage system, such as the Kademlia algorithm used in bitstreams to set k to 8. In the embodiment, the K-bucket mechanism can make n edge servers need lgn queries at most to find the target edge data. An organization may be referred to as a domain, and may include a plurality of nodes within the domain.
For example, taking the primary edge data uplink storage and the across-domain edge data sharing as an example, the specific implementation steps are as follows:
(1) the server holding the edge data can encrypt the edge data by using a high-level encryption standard symmetric encryption algorithm to obtain an encrypted ciphertext, take a hash value of the encrypted ciphertext as a key value, and store copies of the encrypted ciphertext and the signature in K distributed data storage systems which are close to an ID value and the key value of the network node in a key value pair mode. Finally, the distributed data storage system with the edge data deploys the access type of the edge data, the timestamp, the symmetric key encrypted by using the attribute, the hash value of the edge data, the account information and the remark information to an intra-domain edge key data storage chain through uplink operation to realize trusted sharing;
(2) the edge server of the edge data request can decrypt the edge data on the chain meeting the access structure tree by using the attribute key of the edge server to obtain the hash of the edge data and a decryption key; the edge server of the edge data request searches key value pairs based on a distributed search algorithm, finds a stored encrypted ciphertext and a specific edge server, verifies the ownership of the encrypted ciphertext by the edge data signature, and verifies the integrity of the edge data by calculating the hash value of the edge data and comparing the hash value with the hash identifier recorded on the block chain to realize complete, consistent and credible sharing of the edge data;
(3) through inter-domain identity authentication and authentication certificate chain certificate verification, the server holding the edge data performs attribute encryption on a symmetric key and a hash value of the edge data by combining attributes of an edge server of a cross-domain request, and deploys information such as an edge data access type, account information of the server holding the edge data, account information of the edge server of the edge data request, a timestamp and a remark to an inter-domain edge data access chain through uplink operation, the edge server of the edge data request forwards by using a block chain link point, and the edge data is accessed through the access step in the step (2).
The data processing method can store the node state information of the distributed network to the distributed data storage system, so that the time for searching the target edge data from all the stored edge data by the edge server is reduced, and meanwhile, the query times can be reduced.
In order to facilitate understanding of those skilled in the art, the data processing method provided by the present application is described by taking an execution subject as a server as an example, and specifically, the method includes:
(1) building a distributed network through an edge server;
(2) constructing a distributed data storage system through a distributed network;
(3) initializing attribute information of an edge server to obtain a master key and a public key of a block chain node;
(4) acquiring a block chain link point registration request, and verifying the legal state of a block chain node through a master key and a public key of the block chain node;
(5) if the blockchain node is in a legal state, determining a private key of the blockchain node through the attribute information of the edge server, the master key and the public key of the blockchain node;
(6) constructing an access structure tree of the edge data;
(7) encrypting the edge data by accessing the structure tree to obtain an encrypted ciphertext;
(8) executing a confirmation key algorithm by accessing the structure tree, the private key and the encrypted ciphertext to obtain a confirmation key of the encrypted ciphertext;
(9) decrypting the encrypted ciphertext by confirming the key to obtain edge data;
(10) constructing an attribute-based encryption inter-domain authentication strategy based on a block chain;
(11) storing the edge key data to an intra-domain edge key data storage chain in an edge key data storage alliance chain system; the edge data request comprises an inter-domain edge data request;
(12) storing the inter-domain edge data request and the access control strategy into an inter-domain data access storage chain in an edge key data storage alliance chain system;
(13) and storing the node state information of the distributed network to a distributed data storage system.
For the implementation processes of (1) to (13), reference may be specifically made to the description of the above embodiments, and the implementation principles and technical effects thereof are similar and are not described herein again.
It should be understood that although the various steps in the flow charts of fig. 2-6 are shown in order as indicated by the arrows, the steps are not necessarily performed in order as indicated by the arrows. The steps are not performed in the exact order shown and described, and may be performed in other orders, unless explicitly stated otherwise. Moreover, at least some of the steps in fig. 2-6 may include multiple steps or multiple stages, which are not necessarily performed at the same time, but may be performed at different times, which are not necessarily performed in sequence, but may be performed in turn or alternately with other steps or at least some of the other steps.
In one embodiment, as shown in fig. 7, there is provided a data processing apparatus including: a storage system building module 11, a control strategy building module 12, a federation chain system building module 13, and a storage module 14, wherein:
the storage system construction module 11 is used for constructing a distributed data storage system based on edge calculation;
the control strategy building module 12 is used for building an access control strategy based on the edge data of the block chain through the distributed data storage system;
a federation chain system construction module 13, configured to construct an edge key data storage federation chain system;
and the storage module 14 is configured to store the edge key data, the edge data request, and the access control policy to the edge key data storage federation chain system.
The data processing apparatus provided in this embodiment may execute the method embodiments, and the implementation principle and the technical effect are similar, which are not described herein again.
In one embodiment, the control strategy building block 12 comprises: a policy building unit, wherein:
and the strategy construction unit is used for constructing an attribute-based encrypted data access control strategy of the multiple authorization centers and an attribute-based encrypted inter-domain authentication strategy based on the block chain.
The data processing apparatus provided in this embodiment may execute the method embodiments, and the implementation principle and the technical effect are similar, which are not described herein again.
In one embodiment, the policy building unit includes: the private key confirms subunit, structure tree and constructs subunit, encryption subunit, algorithm execution subunit and deciphers subunit, wherein:
the private key determining subunit is used for determining the private key of the block chain node according to the attribute information of the edge server;
the structure tree construction subunit is used for constructing an access structure tree of the edge data;
the encryption subunit is used for encrypting the edge data by accessing the structure tree to obtain an encrypted ciphertext;
the algorithm execution subunit is used for executing a confirmation key algorithm by accessing the structure tree, the private key and the encrypted ciphertext to obtain a confirmation key of the encrypted ciphertext;
and the decryption subunit is used for decrypting the encrypted ciphertext by confirming the key to obtain the edge data.
The data processing apparatus provided in this embodiment may execute the method embodiments, and the implementation principle and the technical effect are similar, which are not described herein again.
In one embodiment, the private key determining subunit comprises: an initialization subunit, a verification subunit and a private key acquisition subunit, wherein:
the initialization subunit is used for initializing the attribute information of the edge server to obtain a master key and a public key of the block chain node;
the verification subunit is used for acquiring the registration request of the block chain link node and verifying the legal state of the block chain node through the main key and the public key of the block chain node;
and the private key obtaining subunit is used for determining the private key of the block chain node through the attribute information of the edge server, the master key and the public key of the block chain node when the block chain node is in a legal state.
The data processing apparatus provided in this embodiment may execute the method embodiments, and the implementation principle and the technical effect are similar, which are not described herein again.
In one embodiment, the edge data request comprises an inter-domain edge data request; the memory module 14 includes: a first storage unit and a second storage unit, wherein:
the first storage unit is used for storing the edge key data to an intra-domain edge key data storage chain in an edge key data storage alliance chain system;
and the second storage unit is used for storing the inter-domain edge data request and the access control strategy to an inter-domain data access storage chain in the edge key data storage alliance chain system.
The data processing apparatus provided in this embodiment may execute the method embodiments, and the implementation principle and the technical effect are similar, which are not described herein again.
In one embodiment, the storage system construction module 11 includes: a network construction unit and a storage system construction unit, wherein:
the network building unit is used for building a distributed network through an edge server;
and the storage system construction unit is used for constructing the distributed data storage system through a distributed network.
The data processing apparatus provided in this embodiment may execute the method embodiments, and the implementation principle and the technical effect are similar, which are not described herein again.
In one embodiment, the data processing apparatus further comprises: a message storage module, wherein:
and the message storage module is used for storing the node state messages of the distributed network into the distributed data storage system.
The data processing apparatus provided in this embodiment may execute the method embodiments, and the implementation principle and the technical effect are similar, which are not described herein again.
For specific limitations of the data processing apparatus, reference may be made to the above limitations of the data processing method, which are not described herein again. The various modules in the data processing apparatus described above may be implemented in whole or in part by software, hardware, and combinations thereof. The modules can be embedded in a hardware form or independent of a processor in the server, and can also be stored in a memory in the server in a software form, so that the processor can call and execute operations corresponding to the modules.
In one embodiment, there is provided a server comprising a memory and a processor, the memory having a computer program stored therein, the processor when executing the computer program implementing the steps of:
constructing a distributed data storage system based on edge calculation;
constructing an access control strategy based on the edge data of the block chain through a distributed data storage system;
constructing an edge key data storage alliance chain system;
and storing the edge key data, the edge data request and the access control strategy to the edge key data storage alliance chain system.
In one embodiment, a storage medium is provided having a computer program stored thereon, the computer program when executed by a processor implementing the steps of:
constructing a distributed data storage system based on edge calculation;
constructing an access control strategy based on the edge data of the block chain through a distributed data storage system;
constructing an edge key data storage alliance chain system;
and storing the edge key data, the edge data request and the access control strategy to the edge key data storage alliance chain system.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by hardware instructions of a computer program, which can be stored in a non-volatile computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. Any reference to memory, storage, database or other medium used in the embodiments provided herein can include at least one of non-volatile and volatile memory. Non-volatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical storage, or the like. Volatile Memory can include Random Access Memory (RAM) or external cache Memory. By way of illustration and not limitation, RAM can take many forms, such as Static Random Access Memory (SRAM) or Dynamic Random Access Memory (DRAM), among others.
The technical features of the above embodiments can be arbitrarily combined, and for the sake of brevity, all possible combinations of the technical features in the above embodiments are not described, but should be considered as the scope of the present specification as long as there is no contradiction between the combinations of the technical features.
The above-mentioned embodiments only express several embodiments of the present application, and the description thereof is more specific and detailed, but not construed as limiting the scope of the invention. It should be noted that, for a person skilled in the art, several variations and modifications can be made without departing from the concept of the present application, which falls within the scope of protection of the present application. Therefore, the protection scope of the present patent shall be subject to the appended claims.

Claims (10)

1. A method of data processing, the method comprising:
constructing a distributed data storage system based on edge calculation;
constructing an access control strategy based on the edge data of the block chain through a distributed data storage system;
constructing an edge key data storage alliance chain system;
and storing the edge key data, the edge data request and the access control strategy to the edge key data storage alliance chain system.
2. The method of claim 1, wherein constructing an access control policy for blockchain-based edge data by a distributed data storage system comprises:
and constructing an attribute-based encrypted data access control strategy of a multi-authorization center and an attribute-based encrypted inter-domain authentication strategy based on a block chain.
3. The method according to claim 1 or 2, wherein the constructing of the attribute-based encrypted data access control policy of the multiple rights issuer comprises:
determining a private key of the block chain node through attribute information of an edge server;
constructing an access structure tree of the edge data;
encrypting the edge data through the access structure tree to obtain an encrypted ciphertext;
executing a confirmation key algorithm through the access structure tree, the private key and the encrypted ciphertext to obtain a confirmation key of the encrypted ciphertext;
and decrypting the encrypted ciphertext through the confirmation key to obtain the edge data.
4. The method of claim 3, wherein the determining the private key of the blockchain node through the attribute information of the edge server comprises:
initializing the attribute information of the edge server to obtain a master key and a public key of a block chain node;
acquiring a block chain link point registration request, and verifying the legal state of a block chain node through a master key and a public key of the block chain node;
and if the blockchain node is in a legal state, determining a private key of the blockchain node through the attribute information of the edge server, the master key and the public key of the blockchain node.
5. The method of claim 1, wherein the edge data request comprises an inter-domain edge data request; the storing the edge key data, the edge data request and the access control policy to the edge key data storage federation chain system includes:
storing the edge key data to an intra-domain edge key data storage chain in the edge key data storage alliance chain system;
and storing the inter-domain edge data request and the access control strategy to an inter-domain data access storage chain in the edge key data storage alliance chain system.
6. The method of claim 1, wherein constructing the edge computing-based distributed data storage system comprises:
building a distributed network through an edge server;
the distributed data storage system is constructed over a distributed network.
7. The method of claim 1, further comprising:
and storing the node state information of the distributed network to the distributed data storage system.
8. A data processing apparatus, characterized in that the apparatus comprises:
the storage system construction module is used for constructing a distributed data storage system based on edge calculation;
the control strategy construction module is used for constructing an access control strategy based on the edge data of the block chain through the distributed data storage system;
the alliance chain system building module is used for building an edge key data storage alliance chain system;
and the storage module is used for storing the edge key data, the edge data request and the access control strategy to the edge key data storage alliance chain system.
9. A server comprising a memory and a processor, the memory storing a computer program, wherein the processor when executing the computer program performs the steps of the method according to any of claims 1-7.
10. A readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1 to 7.
CN202111423072.3A 2021-11-26 2021-11-26 Data processing method, device, server and readable storage medium Pending CN114363362A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111423072.3A CN114363362A (en) 2021-11-26 2021-11-26 Data processing method, device, server and readable storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111423072.3A CN114363362A (en) 2021-11-26 2021-11-26 Data processing method, device, server and readable storage medium

Publications (1)

Publication Number Publication Date
CN114363362A true CN114363362A (en) 2022-04-15

Family

ID=81096339

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111423072.3A Pending CN114363362A (en) 2021-11-26 2021-11-26 Data processing method, device, server and readable storage medium

Country Status (1)

Country Link
CN (1) CN114363362A (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110320809A1 (en) * 2010-06-23 2011-12-29 Motorola, Inc. Method and apparatus for key revocation in an attribute-based encryption scheme
CN111611621A (en) * 2020-05-29 2020-09-01 宁波富万信息科技有限公司 Block chain based distributed data encryption storage method and electronic equipment
CN112187907A (en) * 2020-09-22 2021-01-05 远光软件股份有限公司 Data processing method for edge calculation, communication method for Internet of things and electronic equipment
CN112511553A (en) * 2020-12-08 2021-03-16 清华大学 Hierarchical Internet trust degree sharing method

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110320809A1 (en) * 2010-06-23 2011-12-29 Motorola, Inc. Method and apparatus for key revocation in an attribute-based encryption scheme
CN111611621A (en) * 2020-05-29 2020-09-01 宁波富万信息科技有限公司 Block chain based distributed data encryption storage method and electronic equipment
CN112187907A (en) * 2020-09-22 2021-01-05 远光软件股份有限公司 Data processing method for edge calculation, communication method for Internet of things and electronic equipment
CN112511553A (en) * 2020-12-08 2021-03-16 清华大学 Hierarchical Internet trust degree sharing method

Similar Documents

Publication Publication Date Title
US11025435B2 (en) System and method for blockchain-based cross-entity authentication
US11533164B2 (en) System and method for blockchain-based cross-entity authentication
EP3788523B1 (en) System and method for blockchain-based cross-entity authentication
US20230269100A1 (en) Systems and methods for notary agent for public key infrastructure names
US10673626B2 (en) Threshold secret share authentication proof and secure blockchain voting with hardware security modules
US11422981B2 (en) Information management and access control in a database
US11115418B2 (en) Registration and authorization method device and system
WO2021000419A1 (en) System and method for blockchain-based cross-entity authentication
JP7208930B2 (en) Release of controlled cryptographic private keys
US6249873B1 (en) Method of and apparatus for providing secure distributed directory services and public key infrastructure
CN112311735B (en) Credible authentication method, network equipment, system and storage medium
CN112131316A (en) Data processing method and device applied to block chain system
CN114239046A (en) Data sharing method
CN111880919A (en) Data scheduling method, system and computer equipment
Adlam et al. A permissioned blockchain approach to the authorization process in electronic health records
Ahmed et al. Toward fine‐grained access control and privacy protection for video sharing in media convergence environment
JP2024509666A (en) Blockchain data segregation
CN110276693B (en) Insurance claim settlement method and system
CN114710370B (en) Fine-grained access control method and system based on fog block chain and attribute encryption
Ahmed et al. Transparency of SIM profiles for the consumer remote SIM provisioning protocol
CN114363362A (en) Data processing method, device, server and readable storage medium
Majumder et al. Trust relationship establishment among multiple cloud service provider
CN113239376A (en) Data sharing method, request method and device based on block chain
CN113746630A (en) Block chain certificate management method and device, alliance chain and storage medium
CN116561820B (en) Trusted data processing method and related device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination